If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

The comment at the end - about the bounty and them not stopping - seems rather ignorant to me... What would the virus writers gain by stopping, just because somebody might rat them out? I mean they're already out there and have caused enough trouble. Yes, they are increasing the risk of them getting caught by releasing new virii, but they don't seem likely to care too much.

There is yet to see what this attack will consist of, but for some reason a DoS doesn't strike me as anything particularly effective [except as it could disable automatic definitions updates and with a new virus, written from the bottom up - new signature and all - the malware artists could take over a large number of computers]

Comments like that won't help in their presentence hearings after they are caught

Oh, COME ON! Gimme a break... I don't think people get how rarely a virus writer is caught. All this MS "bounty hunting" is a joke. The only people who are ever caught are the folks who give themselves up. Even then... the only people who where caught and even relatively involved within the so called VX scene so far has been black baron and also gigabyte... which really, her stuff was never even a threat. Besides that, name any other virus writer who got interviews about what they do when they wake up in the mourning, bring people into thier lives that much, litterally jump and do kicks infront of the camera, and maybe talk about who is currently seeing who in a romantic sorta way.

Besides all that... people who get infected with things are just plain ignorant and stupid. These are the type of people you will find in a court-room. What makes you think that anything these guys would have to say would even matter or make a difference?

i never realized that a big-time virus like netsky could be devised and written by one person, i always thought viruses were written by big underground hacker gangs. is Jaschan super smart or is virus writing just not that hard? or is he just the only person that got caught maybe?

Err no to the first part and yes to the second. You just have to look at the "lovebug" or "I love you virus" it was crude and badly written but had a huge impact Worldwide. On the other hand, Magistr, one of the most complex viruses that I have seen, was also written by a single individual. It did not have the impact, because it lacked the social engineering of lovebug.

If you look at viruses they are usually quite small and not that complex in their functionality. I would guess that they are better written by an individual than a committee.

Where I suspect collusion and collaboration take place is in detecting vulnerabilities and designing the exploit strategy.

Yes there are virus "clubs", forums or whatever, but their efforts seem to be those of individual members for the most part.

You have doubtless read of various countries employing malware writers in their intelligence/military............ that is probably a team effort, if only because it is funded.

The virus was/is brilliant in it's simplicity. So yes the guy who wrote it is a genius. In a way that marks mental ability to think and patience to try your experiment and tweak it until it works. Virus writers rarely get caught, it's almost as rare as a comet stiking the planet. (me looks up at the sky and sips bourbon.)

Very low complexity, high in trial.

West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.

Oh look, I modified a remote exploit so that it drops a few trojans and installs itself on remote computers! Oh and hey, look, I randomly packed a few worms to escape detection. Yeah, now I've really moved up in the world and have "become something" for these accomplishments. Bah...

Virtually all virus writers work alone. It's the standard profile. I did a whitepaper about our research on them a few years ago for NIPC. I'll try to dig it up later today, and post it if I find it. Out of all of the research that we have done, I was most intrigued by these guys.

As a side note, I think it is VERY obvious that those variant creators are not the same folk as the creators of the originals, as that Zdnet article would leave you to believe. Those little messages do not fit the profile of these guys at ALL.